[Ach] Help - Question - help - applied-crypto-hardening.pdf

Adi Kriegisch adi at kriegisch.at
Fri Feb 6 01:36:24 CET 2015


Hi!

> Any idea?
> 
> https://www.ssllabs.com/ssltest/analyze.html?d=mipymesenlinea.com&latest
(...)
>   Server: Apache/2.2.22 (Debian)
Apache 2.2 does not offer configurable DH parameters and is limited to
1024-bit DH params. The Debian maintainers backported elliptic curve support
to this version of Apache but not the dhparam support (which is most
probably a lot more work).

You may either celebrate your A+ and live with 1024-bit DH params or you may
* switch to Jessie (not sure if this is a good idea for a production
  system)
* use nginx as your web server (or in case you rely on a certain Apache
  module that isn't available for nginx:)
* use nginx as a frontend/proxy for Apache that does the SSL

-- Adi
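
The last option in the reply above (nginx terminating SSL in front of Apache), sketched as an added example that is not part of the original message. The host name, file paths and the backend address 127.0.0.1:8080 are assumptions: Apache is taken to have been moved to plain HTTP on loopback only.

```nginx
# Added example, not from the original post.
# Assumed one-time step to create 2048-bit DH parameters:
#   openssl dhparam -out /etc/nginx/dhparam.pem 2048

server {
    listen 443 ssl;
    server_name www.example.org;                     # placeholder host name

    ssl_certificate     /etc/ssl/certs/example.org.pem;     # assumed path
    ssl_certificate_key /etc/ssl/private/example.org.key;   # assumed path

    # This is the setting Apache 2.2 lacks: nginx uses the DH group
    # from this file for DHE key exchange instead of a fixed 1024-bit one.
    ssl_dhparam /etc/nginx/dhparam.pem;

    ssl_prefer_server_ciphers on;

    location / {
        # Apache 2.2 stays in place as the application server,
        # reachable only on loopback over plain HTTP.
        proxy_pass http://127.0.0.1:8080;

        # Pass the original request details to the backend so that
        # logs and redirects in Apache still see the real client and scheme.
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

After reloading nginx, running the SSL Labs test again should report the DH size of the generated file for the DHE suites rather than 1024 bits.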